As used herein a “threat” comprises malicious software, also known as “malware” or “pestware”, which comprises software that is included or inserted in a part of a processing system for a harmful purpose. The term threat should be read to comprise possible, potential and actual threats. Types of malware can comprise, but are not limited to, malicious libraries, viruses, worms, Trojans, adware, malicious active content and denial of service attacks. In the case of invasion of privacy for the purposes of fraud or theft of identity, malicious software that passively observes the use of a computer is known as “spyware”.
An entity can comprise, but is not limited to, a file, an object, a class, a collection of grouped data, a library, a variable, a process, and/or a device.
Traditionally, malware scanners attempt to detect threats, such as malicious files, stored in the hard drive of a user's processing system, or received via e-mail. However, more elaborate techniques are being used in order for a threat to avoid detection by the malware scanner such that the user's processing system can be compromised.
One such technique which potentially allows a threat to avoid detection is the use of instant messaging applications, such as for example MSN Messenger application by Microsoft™. The use of instant messaging applications has recently become popular amongst users of networked processing systems. Users of networked processing systems can communicate almost instantaneously with each other using such computer applications. Instant messaging applications generally allow the transfer of text, although, other forms of data such as files can also be transferred amongst users. However, the increased use of instant messaging applications has created a new opportunity allowing processing systems to be compromised with malware.
There exists a need for a method, system, computer readable medium of instructions, and/or a computer program product to identify a malicious message received and/or transferred using an instant messaging application, which addresses or at least ameliorates one or more problems inherent in the prior art.
The reference in this specification to any prior publication (or information derived from it), or to any matter which is known, is not, and should not be taken as an acknowledgment or admission or any form of suggestion that that prior publication (or information derived from it) or known matter forms part of the common general knowledge in the field of endeavour to which this specification relates.